You have things in the right order from what I understand, the general way an scp is done is:
scp sourceuser@sourcehost:/path/to/source/file destinationuser@destinationhost:/path/to/destination/
Judging by your question, you have a local file you want to send to the destination server. So you have the right syntax which is good!
If you’re getting permission denied, then you’re not using the correct username or something’s amiss with the authentication. Most likely, it’s because the sudo command only works locally, for starters, so it won’t give you root on the remote box, so that’s probably the problem. Make sure that the user you are logging in as on the remote server has write permissions to the location you’re trying to write to.
If the problem is the destinationuser doesn’t have access to that location without sudo, move the file to the destinationuser’s home folder then sudo mv the file from the shell on the other server to put it in the right location.
In my view “SCP permission denied” error, is the most common error in the world of Linux. So, whether you are Linux admin or newbie, Every one of us would have encountered this error. At least, once in a lifetime, that I can bet.
As a Linux user for many years. I have faced this issue during SCP and SSH operations. So I am sure, if you will land on this page, you will get the solution to all your “permission denied error in Linux”. Below mentioned are the samples of a few errors, you generally encounter. I am sure, at least one of the 9 solutions provided in this post will help you to resolve these issues.
- SCP permission denied
- SCP permission denied (publickey)
- Saving key “.ssh/id_rsa” failed: permission denied when SCP
- SCP permission denied ec2
- SCP permission denied AWS
- SCP permission denied, please try again
- SCP permission denied (publickey gssapi-keyex gssapi-with-mic)
- SCP permission denied (publickey). lost connection
Before explaining anything, Let me tell you all these problems occurs during file copy using SCP. So let’s understand about SCP utility first –
What is SCP file transfer?
SCP stands for Secure copy. This program helps in copying a file or folder between two computers securely, whether local or remote. it uses SSH (secure shell) protocol in background. Additionally, The data and password are encrypted to secure sensitive information.
Using scp, you have option of file or directory copy between –
- Local to the local system
- Remote system to local system
- Local system to remote system
- Local system to AWS EC2 instance
How do you SCP?
There are a lot of options and switches to use with SCP command. Let me show you some basic commands, just to give you some understanding of SCP.
SCP syntax:-
$ scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 … [[user@]host2:]file2
- Visit scp man page for more information on options or syntax.
$ man scp
How to Copy local files to remote host with SCP
$ scp file user@host:path
Host :- can be IP address or hostname of remote system
: (colon) :- helps scp to identify remote host
Username:- on remote host
SSH key or password :- is required to copy file using scp
Path :- Absolute or relative path for local file or directory
For example –
$ scp test.txt user1@ubuntu:/tmp
Copy Remote file to local host
$ scp user@host:file path
How to Copy directories to local host using SCP
$ scp -r user@host:directory_path path
Copy file between two remote hosts
$ scp user1@host1:file1.txt user2@host1:directory_path
Now when you know, what are basic scp commands. Time to know about public key authentication-
SCP requires a password to authenticate to the remote system. But in case you want to avoid it or using SCP in scripts, Public key is required.
Basically, you generate a public-private key pair on the client (local) and copy the public key to a remote system (server) into the authorized key.
To make you understand scp commands easily, i have shared my LAB details
Lab setup details –
Local server name – Server1 (Ubuntu 18.04)
Remote server name – Server2 (Ubuntu 20.04)
Source file – /test/file1.txt
Target directory – /remote-test
username – dev
Scenario1-
I am trying to copy /test/file1.txt from server1 (local) to server2 (remote) in /remote-test directory. I am also getting permission denied.
$ scp "local-file" "user@remote-host:/path-to-remote-dir"
Reference output
To resolve these error – perform below mentioned steps-
Solution 1 :- Double check your user and password
Please make sure, you have mentioned correct username and password in the command. This is one of the very basic mistakes, we do. So, you can try writing your password in notepad, copy and paste it in command prompt. When asked during SCP command.
i have validated username and password is correct in my case.
Solution 2 :- Check for remote path
Make sure, the path you have mentioned as the remote directory is correct. For example, in my case /remote-test is the remote directory and it’s correct.
Solution 3 :- Check for Read write access on remote directory
Double-check, whether your user mentioned in command have read-write (RW) access on the remote directory. For example, in my case “/remote-dir” must-have RW access to user “dev“.
Follow these steps to check –
-> Login to remote system (server2)
-> Run “ls” -ld command to check permissions of /remote-dir.
$ ls -ld "your-remote-dir"
Reference output
So, if you will see in image, /remote-dir only allows read, write and execute (rwx) permission to root user only. For group and others, it has read and execute (r-x) permission. So my user “dev” will be treated as other, and it won’t be able to write. As a result, I am getting SCP permission denied error.
-> Now to resolve this error, assign Read-write-execute (rwx) permission to everyone.
$ sudo chmod 777 "path-to-your-remote-directory"
Reference output
-> Run scp command again
Warning
Setting 777 permission on any directory is not secure. So once you are able to isolate the “SCP permission denied” issue. Either change ownership and set permission to 755.
If you are still facing permission denied error, move to next step
Solution 4 :- ownership issues (directory should be owned by user)
-> Login to your remote system (server2)
-> Change ownership of your remote directory for your user. For example, I will change ownership of /remote-dir to my user “dev” instead of “root“.
$ sudo chown -R dev:dev "path to your remote directory"
Reference output
-> Run scp command and it must work for you
Solution 5 :- Diagnose problem with scp -v command
Try to use -v (verbose) option to diagnose the issue with scp command.
For example
$ scp -v /test/file1.txt dev@192.168.126.129:/remote-dir output truncated - debug1: Sending environment. debug1: Sending env LANG = en_IN debug1: Sending command: scp -v -t /remote-dir Sending file modes: C0644 0 file1.txt Sink: C0644 0 file1.txt scp: /remote-dir/file1.txt: Permission denied
Check message after scp -v -t command, if it shows permission denied, Follow solution 3 or 4 as described in the post. it will resolve your issue.
Solution 6 :- Validate option -P is used for port not -p
When running SCP command Option -P is used to mention custom port, in case default port TCP 22 is not used. Sometimes, instead of -P, we use -p (lowercase) by mistake. For better understanding let me tell you the difference between these two –
- -p (lowercase):- Preserve access, modification and modes from the original file.
- -P (uppercase):- Specified customize port to connect remote host.
For example port 2314 is custom port instead of 22.
$ scp -P 2314 dev@192.168.126.129:/remote-dir/file1.txt /test/
SCP permission denied (publickey) – AWS EC2 instance
Scenario 2-
Try below mentioned solution, in case of SCP permission denied (publickey) with AWS ec2 instance –
If you have set up password-less authentication or you have permission key with you to authenticate remote system, you may encounter this error.
Have a check from Solution 1-6 mentioned in the post, if it doesn’t help move further –
Solution 7 :- Use -i option and provide “.pem” private key always
When you use SCP and don’t use -i option. It uses default ssh key under (~/.ssh/) directory. So always use -i option and provide the path to “.pem” key file.
For example “ubuntu.pem” is key file in my case.
$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev2@server:/var/wwwSolution 8 :- if using permission key SSH is working but not SCP
If you are able to ssh to the remote host using -i option and not able to scp. It means you are hitting a bug.
So instead of using -i “path to .pem file”
$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/wwwuse -o "IdentityFile" option.
$ scp -o IdentityFile ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/wwwSolution 9 :- Try removing your host entry from “known_hosts” file
Sometime, there may be issue due to old or incorrect host key. Delete that particular host from know_hosts file using editor or command as follows.
$ ssh-keygen -R hostname
or
$ vim ~/.ssh/known_hostsFrequently Asked Questions (FAQ’s)
Can ssh but not SCP permission denied?
Answer
Run SCP command -vv option and try to debug the issue. Depending upon error, follow solution 1-9 mentioned in this post to resolve your issue.
Will SCP overwrite existing file?
Answer
Yes, SCP utility finds a file with the same name on target, and you have write permission on it. SCP command will overwrite it. You can change the permission of the target file or directory. So that SCP complaints about permission issue and can avoid overwriting. Alternatively, you can use rsync tool, which has a lot of options to sync data.
Does SCP copy or move?
Answer
SCP mean secure copy, as name suggest it only copy files or directories. There is no file movement occurs.
Why SCP is not working?
Answer
There may be many reasons if SCP is not working. check SCP “-vvv” option and try to debug, why it’s not working. I have given 9 solutions to tackle different permission denied errors. you can refer to them.
How do I know if SCP is working?
Answer
if the exit status of your command is “0 ” and you are able to copy your file or directory to remote host or AWS EC2 instance. You can be assured, SCP is working.
Why is permission denied error in Linux?
Answer
A lot of scenarios may be there for “permission denied error in Linux“. For example, if you don’t have read-write access on file or directory. Also, if you are trying to run a command which only root can run. You would need either root or sudo access to run these commands. For example, chmod or chown is one of these commands.
Video tutorial
If you need some video guidance. Check out this video on “SCP permission denied error“, The basic or common troubleshooting to start with.
Conclusion
There is no limit to issues or errors when you are in the technical world or on the way of learning. But I think your question on “why am I getting permission denied with SCP” will be resolved, once you will read the solution mentioned in this post. One or other solution will resolve your issue depending upon error code.
I hope you will leave with smile on your face, once your permission denied issue during scp will get resolve.
See you soon in the next post. Till that time keep learning.
Your commands are trying to put the new Document to the root (/) of your machine. What you want to do is to transfer them to your home directory (since you have no permissions to write to /). If path to your home is something like /home/erez try the following:
scp My_file.txt user_id@server:/home/erez/
You can substitute the path to your home directory with the shortcut ~/, so the following will have the same effect:
scp My_file.txt user_id@server:~/
You can even leave out the path altogether on the remote side; this means your home directory.
scp My_file.txt user_id@server:
That is, to copy the file to your desktop you might want to transfer it to /home/erez/Desktop/:
scp My_file.txt user_id@server:/home/erez/Desktop/
or using the shortcut:
scp My_file.txt user_id@server:~/Desktop/
or using a relative path on the remote side, which is interpreted relative to your home directory:
scp My_file.txt user_id@server:Desktop/
As @ckhan already mentioned, you also have to swap the arguments, it has to be
scp FROM TO
So if you want to copy the file My_file.txt from the server user_id@server to your desktop you should try the following:
scp user_id@server:/path/to/My_file.txt ~/Desktop/
If the file My_file.txt is located in your home directory on the server you may again use the shortcut:
scp user_id@server:~/My_file.txt ~/Desktop/
I had the same problem.
Tried everything couldn’t fix it, until I checked my ISP Gateway.
I work with a Zyxel gateway from my ISP and because that is far away from where I have another terminal I shoved a old Linksys DD-WRT flashed Router/Repeater in between. My host terminal that was connected to that Linksys was first connected to the Gateway with a DHCP table lock (I ordered the gateway to give the MAC from that terminal the same IP via DHCP). I did this because I first had a NAS server on that mac. Now I moved the terminal to another location and totally forgot the mac ip assignment.
So now i had a WIFI repeater connected to the Gateway, and the computer with the mac assigned was connected to that.
The problem now was that my Gateway thought it was the old NAS whilst it was the other terminal, and assigned the IP to the WIFI repeater, and this was an IP conflict so scp couldn’t find the right location. Which on it’s turn resulted in a access denied on scp. Weird was that everything did work out fine, i could get on the internet, surf, mail, but with scp it gave an conflict.
Changed it in the Gateway (removed the DHCP table), and assigned another ip to the terminal…
Now scp command worked as before!
It took me 8 hours to figure it out so I thought to share this little hickup that can really frustrate you freaking butt off…
Greets
Pi @ir
The SCP permission denied is an error message that is displayed when the user tries to copy files or data from a remote host that he does not have permission to access or tries to store the data in the root directory of his system, which does not allow the user to store data in it. In either of the cases, permission to access the data is required.
The SCP (Secure Copy Protocol) is a data transfer protocol explicitly used to copy data from one host to another over the network. The protocol runs on top of SSH (secured shell), which uses asymmetric cryptography to protect the data during transfers. Today we show you how to deal with protocol’s scp permission denied error.
Defining SCP
SCP is shot for secure copy protocol. It is an application layer protocol that works on top of the SSH protocol, a security protocol implemented between the application layer and the transport layer (TCP in this case). Scp command is compatible with all mainstream operating systems like Windows, Linux, macOS, etc. There are other similar protocols to the scp, such as SFTP (secure file transfer protocol), which transfers the data and performs data management functions. SCP comes pre-installed on macOS, Linux, and Windows. The user must have appropriate rights and permissions to avoid an scp permission denied error.
How to copy files using SCP
The scp command is not very complicated and simple to use. To perform any actions using the SCP without facing any permission error, you must have at least read permission on the remote host and otherwise write permission on the localhost. You might receive an scp permission error. The syntax of the command is intuitive and straightforward to use. Follow the given syntax to copy a file to the target location using scp.
scp [OPTION] user@src_host:file1 user@dest_host:file2The OPTIONs are additional options that can be used to perform tasks according to the provided arguments. user@src_host:file1 is the file’s name to be copied prefixed with the username and address of the source host. And user@dest_host:file2 is the name to the resultant file with the specified address prefixed with the target host username and machine address. Use the -r option to copy all the files and subdirectories inside the folder recursively.
The scp permission denied error shows up when the users do not have the required rights or permission to perform a specific operation. Executable permissions are not required on any host while using the scp command. It requires read permissions on the source system and writing permission on the target system. There might be some ownership issue with the file or directory if you are receiving the scp permission denied error.
SCP permission denied ownership issue.
If the remote host’s directory from which the user is trying to copy the file or data is not owned by the username specified in the command, then an SCP permission denied error could be encountered. Follow the given steps to resolve this issue.
- Login into the remost host with admin privileges.
- Change the ownership of the directory to the USER instead of the root.
- Use the chown (change owner) command to change the ownership.
- Now run the scp command again.
Try using –verbose option
The -v or –verbose options are used to provide a detailed output of the program’s working. Use this option with the scp command to wisely observe the problems occurring under the hood and then troubleshoot the scp permission denied problem accordingly.
Use -P to specify the port number
Sometimes hidden or silent processes run on the arbitrary standard ports number on either host. For example, on the remote host, the chosen port number might be used by another process for another connection. Conflicting port numbers can also cause errors. Use the -P option to provide a specific arbitrary port number in such a case. NOTE – keep in mind that an uppercase -P is used to specify the port number while a lowercase -p is used for other purposes related to the original file.
SCP permission denied (publickey)
The SCP permission denied (public key) is an error message that the users are reported to face when they try to login to their AWS EC2 instance while using the passphrase-less authentication protocol such as ssh. The ssh passwordless authentication makes use of asymmetric cryptography to authenticate the user. If you provide the wrong private key to the scp utility, the scp permission denied error occurs. By default, the scp uses the default ssh private key directory to authenticate the user. Use the -i option to provide your specific private key file.
Gcloud scp permission denied
Google provides cloud computing services in many forms. Google Compute Engine is one such way to use googles cloud services. The glcoud is a command-line utility tool that can interact with the cloud server. The cloud compute scp command is used to copy files from a google cloud virtual machine to your local computer. The syntax is almost similar to the SCP command. Complete documentation of the command can be found here.
If you receive an SCP permission error while copying data from your cloud host, then try downloading the content as the root user. Add @root before your destination or target address to resolve this issue.
gcloud compute scp /Users/File.tar root@local_machine:/home/Desktop
FAQs on SCP Permission Denied
Does the SCP utility come pre-installed with Windows?
Yes, it comes pre-installed on windows.
What is the extension of a private key file?
.pem, is the extension for private key files.
What is the shortcut for accessing the home directory in Linux?
~/, can be used in place of /home.
Conclusion
The SCP permission denied is one of the common errors that could happen during the use of SCP utility for copying files from one host to another. This article provided you with complete information regarding the SCP protocol. We discussed some of the ways and methods that could help in the scenario of the permission denied error.
Trending Now
-
Fixing Xtools XToolkit Installation Error
●March 3, 2023
-
Troubleshoot DeepMotion Preview Not Working: Tips and Tricks
by Dharam Nath Jha●March 3, 2023
-
Getting Virtwifi has No Internet Access? Here’s What to Do!
by Dharam Nath Jha●February 16, 2023
-
The Ultimate Guide to Fixing Wabbajack Failed Unknown Error
by Dharam Nath Jha●February 16, 2023
